diff options
| author | root | 2014-03-12 19:40:22 +0100 |
|---|---|---|
| committer | root | 2014-03-12 19:40:22 +0100 |
| commit | 3e38a85eb59872496eb5d80f2a971f444bc2c97d (patch) | |
| tree | b805af163a815bacb96f63bfebce53aa8f365b60 /www/functions/func_select.php | |
| parent | f0a3315c79da986224a00429431ae3e5c78c9c33 (diff) | |
| parent | 246cd8a39c64c174171784fb891a6aca8e3c7dc4 (diff) | |
| download | files.iamfabulous.de-3e38a85eb59872496eb5d80f2a971f444bc2c97d.tar.gz | |
Respects your privacy now
Diffstat (limited to 'www/functions/func_select.php')
| -rw-r--r-- | www/functions/func_select.php | 19 |
1 files changed, 7 insertions, 12 deletions
diff --git a/www/functions/func_select.php b/www/functions/func_select.php index 4ca9e66..ca3c53f 100644 --- a/www/functions/func_select.php +++ b/www/functions/func_select.php @@ -13,28 +13,22 @@ function select($db){ } $owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';"); - if(empty($owner_db)){ + $owner_ar = $owner_db->fetchArray(SQLITE3_NUM); + if(empty($owner_ar)){ failure("This user doesn't exist."); } - $owner_ar = $owner_db->fetchArray(SQLITE3_NUM); $owner = $owner_ar[0]; $folder_array_unsafe = explode("/",$_GET["folder"]); $length = count($folder_array_unsafe); $root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . $owner . " AND folder='DIRECTORY' " . $share . ";"); - if(empty($root_db)){ - failure("There is something seriously wrong. If you are a human you should never read this. Mail the admin please."); - } $root_ar = $root_db->fetchArray(SQLITE3_NUM); if(empty($root_ar)){ - failure("empty"); - } - $root_id = $root_ar[0]; - if(!$root_id > 0){ failure("Seems like the user doesn't want to show his tree: " . $root_id); } + $root_id = $root_ar[0]; $parentdir = SQLite3::escapeString($root_id); $temp_id = $root_id; @@ -42,10 +36,12 @@ function select($db){ if(!empty($folder_array_unsafe[$i])){ $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . " AND folder='DIRECTORY' " . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';"); - if(empty($parentdir_db)){ + + $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); + if(empty($prim_id)){ failure("Database error."); } - $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); + if($parentdir != $prim_id[1]){ $wrong_folder = $folder_array_unsafe[$i]; @@ -76,7 +72,6 @@ function select($db){ $content[$count][6] = $row[6]; $content[$count][7] = $row[7]; $content[$count][8] = $row[8]; - //echo "<a href='/". $user . "/" . $content[$count][3] . "'>" . $content[$count][3] . "</a><br>"; $count++; } |